itlawwikiaorg-20200214-history
Authentication
Definitions Biometrics Utilizing biometrics for personal authentication is becoming convenient and considerably more accurate than current methods (such as the utlization of passwords or personal identification numbers (PINs). The goal is to determine whether the person or object is who or what they claim to be. Biometric technologies automate the identification of people using one or more of their distinct physical or behavioral characteristics — authentication based on something that users are. The use of security tokens or biometrics requires the installation of the appropriate readers at network and computer access points. Communications Authentication is Computer security Authentication is Authentication is "provision of assurance that a claimed characteristic of an entity is correct."Framework for Cyber-Physical Systems, at 6. CSS (Content Scramble System) Authentication is a process for a DVD drive and the CSS decryption module to recognize (or authenticate) each other. It is necessary before reading data from DVDs. An authentication key is used for this process. Evidence General To be admissible at trial, the evidence offered must be authenticated, that is, shown to be what its proponent claims it is.Fed. R. Evid. 901(a). The proponent is not required to rule out all possibilities that are inconsistent with authenticity. The standard for admission is a reasonable likelihood that the evidence is what it purports to be. As stated by one court: Images Images used to illustrate a witness’s testimony are easy to authenticate, usually requiring only the witness’s testimony that, based on personal knowledge, the image is a fair and accurate portrayal of what it represents. Digital photographs offered as pictures of a crime scene should normally be authenticated as conventional photographs would be, unless some real concern arises regarding alteration. For example, enhancing digital images may raise authentication issues. Re-creations and simulations that accompany expert testimony may require the same foundation as the expert testimony itself to support the assumptions on which such evidence rests. Testimony that the input and output parameters were correct may also be needed. For example, simulations are commonly used in civil cases to portray airline disasters and automobile crashes. Authentication issues in such cases focus on the extent to which input data correspond to actual events (in terms of accuracy and completeness) and the scientific validity of the mathematical model underlying the simulation. Authentication of computer-stored substantive evidence Key authentication issues for computer-stored evidence usually center on identifying the author or authors of the computer-stored record and showing that it has not undergone significant change in any respect that matters in the case. Both of these points can often be shown through the chain of custody and other circumstantial evidence. Illustration (b)(1) of Fed.R.Evid. 901 provides for authentication through “testimony of a witness with knowledge” that “a matter is what it is claimed to be.” Many courts have recognized that, while the witness called to establish authenticity must have personal knowledge of the facts about which he or she testifies, the witness need not have been the programmer of the computer in question, have knowledge of its maintenance and technical operation, or have seen the data entered. For example, computer-stored records of illegal drug transactions, found on a computer seized from a defendant’s possession, could be authenticated by testimony from both the investigating officer who seized the computer (showing that the computer was indeed found in the defendant’s possession and that names used in the files matched those associated through other evidence with the drug transactions) and the examiner who recovered the files (showing that the records are actually those found on the computer). In some cases, because of the relative anonymity of some computer-stored records (such as those involving Internet-related crimes), establishing authorship may depend largely on circumstantial evidence. For example, in a child pornography case involving Internet chat rooms, evidence obtained from the defendant’s residence that linked him to his postings to the chat room, information he gave to an undercover officer, and information obtained from the ISP were sufficient to show authorship. Authentication of digital evidence under the Federal Rules of Evidence is often a simple and straightforward matter. Defendants will sometimes challenge authenticity by alleging that the computer records could have been altered after they were created. Such arguments emphasize the ease with which computer records may be modified. Under the “reasonable likelihood” threshold for authentication, however, courts have generally not been receptive to such claims in the absence of specific evidence of alteration. Moreover, authentication of data may not necessarily be precluded by the use of examination software that alters nonessential data but does not effect significant changes to substantive data. For example, alteration of time and date stamps may not preclude admission in a given case. Other issues that may be raised, apart from the possibility of tampering, include the completeness of the record, the input procedures, and the input method (accurate data conversion). If these matters are genuinely at issue, the proponent of the evidence should be prepared to present witnesses to address them. In the majority of cases, a combination of circumstantial evidence provides the key to establishing the authorship and authenticity of a computer record. Authenticating e-mail Common ways to authenticate e-mail include: * The chain of custody following the route of the message, coupled with testimony that the alleged sender had primary access to the computer on which the message originated. * The content of the e-mail refers to matters of which the writer would have been aware. * The recipient used the reply function to respond to the e-mail; the reply may include the sender’s original message. * After receiving the e-mail, the sender takes action consistent with its content. Authentication of preexisting substantive evidence generated by a computer Because computer-generated records are created directly by computer programs rather than by human input, authentication issues do not include identity of the records’ author. Rather, the central authentication concerns are the reliability of the processing and output functions. Particularly pertinent to these concerns is Fed.R.Evid. 901(b)(9), which provides for authentication by “evidence describing a process or system used to produce a result and showing that the process or system produces an accurate result.” General Authentication is Authentication (of identity) is Authentication (of a message or a file) is Telecommunications Authentication is Overview (Computer security) Authentication mechanisms can help ensure that online transactions only involve trustworthy data, hardware, and software for networks and devices. The principal forms of authentication include static, dynamic, and multiple factor. Authentication technologies associate a user with a particular identity. People are authenticated by three basic means: * by something they know (e.g., PIN number or password) * by something they have (e.g., key, dongle, smart card), or * by something they are such as a biological characteristic (e.g., fingerprint, retinal signature), a location (e.g., Global Positioning System (GPS) location access), the time a request is made, or a combination of these attributes. In general, the more factors that are used in the authentication process, the more robust the process will be. People and systems regularly use these means to identify people in everyday life. For example, members of a community routinely recognize one another by how they look or how their voices sound — by something they are. Authentication for individuals involves independent confirmation of identity using one or more methods. Typically, multi-factor approaches provide greater security than single factor methods. These might be retinal scans, DNA, fingerprints, voiceprints, etc. Automated teller machines recognize customers because they present a bank card — something they have — and they enter a personal identification number (PIN) — something they know. Using a key to enter a locked building is another example of using something you have. More secure systems may combine two of more of these approaches. While the use of passwords is an example of authentication based on something users know, there are several technologies based on something users have. Security tokens can be used to authenticate a user. User information can be coded onto a token using magnetic media (for example, bank cards) or optical media (for example, compact disk–like media). Several smart token technologies containing an integrated circuit chip that can store and process data are also available. Once a user is authenticated, authorization technologies are used to allow or prevent actions by that user according to predefined rules. Users could be granted access to data on the system or to perform certain actions on the system. Authorization technologies support the principles of legitimate use, least privilege, and separation of duties. Access control could be based on user identity, role, group membership, or other information known to the system. Most operating systems and some applications provide some authentication and authorization functionality. For example, user identification codes and passwords are the most commonly used authentication technology. System administrators can assign users rights and privileges to applications and data files based on user IDs. Some operating systems allow for the grouping of users to simplify the administration of groups of users who require the same levels of access to files and applications. Overview (Internet of Things) "Proper authentication also is a must in the Internet of Things. If a device transmits or receives sensitive data, an authentication failure could allow unauthorized access to that information. But with connected devices, the risk doesn't stop there. An authentication failure could expose sensitive data not just on the device, but on networks to which it's connected. In addition, if an unauthorized person is able to access a device remotely and change how it operates, the safety implications could be profound. Consider investing additional resources in the design, implementation, and testing of authentication."Careful Connections: Building Security in the Internet of Things, at 3. References See also * Attribute authentication * Authenticated user * Authentication code * Authentication exchange * Authentication feature * Authentication function * Authentication information * Authentication mechanism * Authentication mode * Authentication of identity * Authentication protocol * Authentication service * Authentication tag * Authenticator * Authenticity * Biometric authentication * Device authentication * Identity authentication * Identity-based authentication * Improper authentication * Individual authentication * Insufficient authentication * Multi-factor authentication * Password-only authentication * Risk-based authentication * Scalable authentication * Signal authentication * Strong authentication * 2-factor authentication * 3-factor authentication Category:Evidence Category:Security Category:Technology Category:Biometrics Category:Telecommunications